-
Please review the [Community Note](https://github.com/trufflesecurity/trufflehog/blob/main/.github/community_note.md) before submitting
### TruffleHog Version
### Trace Output
```sh
./truf…
-
This will require that we get a token from each team with relevant permissions for the appropriate repositories. Consider if the benefit is greater than the time cost across teams:
https://docs.githu…
-
**Describe the issue**
From v3.2.65 onwards we are experiencing hanging on our terraform plan scans
This is happening on GH runners as well as locally. This scan works on v.3.2.63 but fails on an…
-
Tracking issue for:
- [ ] https://github.com/varol-adem/juice-shop/security/code-scanning/166
-
Initial status + link
-
### Discussed in https://github.com/aquasecurity/trivy/discussions/6370
Originally posted by **wangzhihaocom** March 22, 2024
### Description
After I run `export AWS_PROFILE=some_profile`…
-
### Current Behavior
I created a new project and imported an SBOM of an old version of debian-slim. Trivy reports vulnerabilities but dependencyTrack doesn't. I created a Sonatype OSS account and con…
-
### Describe the need
Github Advanced Security provides a lot of features, such as secret scanning, code scanning, and more expansive Dependabot management.
Being able to manage these features for a…
-
### What happens?
It seems like duckdb doesn't remember persistent secrets when I use SET secret_directory across different sessions.
However, if I don't use SET secret_directory everything work…
-
**Problem**
Currently, NP scans generate a large number of uniquely titled risks, such as `git-secrets-generic:HEX`. As a result, we'd need to add a unique definitions file for each risk (since the n…